CNNVD-202509-3879 Information

Sep 24, 2025 cve

CNNVD ID

CNNVD-202509-3879

CVE-2025-10906

CNNVD Published: 2025-09-24

Description (Chinese)

Magnetism Studios Endurance是Magnetism Studios公司的一个电池管理工具。 Magnetism Studios Endurance 3.3.0及之前版本存在访问控制错误漏洞，该漏洞源于NSXPC Interface组件中loadModuleNamedWithReply函数缺少身份验证，可能导致本地攻击。

Description (English)

Magnetism Studios Endurance is a battery management tool for Magnetism Studios. Magnetism Studios Endurance 3.3.0 and previous versions have access control error holes, which stem from the lack of identification in the loadModuleNamedWithReply function of the NSXPC Internet component, which may lead to local attacks.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

Maian Media

Published

2025-09-24

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.325691 https://vuldb.com/?submit.653994 https://vuldb.com/?id.325691 https://github.com/SwayZGl1tZyyy/n-days/blob/main/Endurance/README.md https://github.com/SwayZGl1tZyyy/n-days/blob/main/Endurance/README.md#proof-of-concept https://access.redhat.com/security/cve/cve-2025-10906

Share on: